On-line shopping offers unprecedented ease and convenience for consumers, while enabling merchants to reduce costs and obtain new customers. However, many consumers have been reluctant to take advantage of these benefits due to fear of theft of sensitive information such as credit card numbers. Efforts have been made to increase the security of such information. For example, in the secure socket layer (SSL) technique, messages sent between the consumer and the merchant are encrypted, thereby making it more difficult for a third party to intercept and use the information. However, this method does not provide the merchant with any verification of the identity of the consumer. Accordingly, if a third party were to obtain a credit card number by other fraudulent means such as theft of physical credit card, the SSL method would not prevent the third party from fraudulently using the stolen information.
Secure Electronic Transaction (SET™) techniques attempt to solve the foregoing problems by using digital certificates to authenticate the consumer/cardholder, the merchant, and the credit card issuer. Each certificate is issued by a trusted certificate authority. While SET™ is currently the most secure way to handle payments over the Internet, it requires digital certificates and cryptographic software to be installed and operated on the cardholder's computer.